Item Search

NameAudit NamePluginCategory
1.1.3.14.1 Configure 'System cryptography: Force strong key protection for user keys stored on the computer'CIS Windows 8 L1 v1.0.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Windows 7 Workstation Level 2 v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

2.3.14.1 Ensure 'System cryptography: Force strong key protection for user keys stored on the computer' is set to 'User is prompted when the key is first used' or higherCIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0Windows

IDENTIFICATION AND AUTHENTICATION

AIX7-00-003004 - AIX SSH private host key files must have mode 0600 or less permissive.DISA STIG AIX 7.x v2r9Unix

IDENTIFICATION AND AUTHENTICATION

APPNET0052 - Encryption keys used for the .NET Strong Name Membership Condition must be protected.DISA STIG for Microsoft Dot Net Framework 4.0 v2r2Windows

IDENTIFICATION AND AUTHENTICATION

AS24-U2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private keyDISA STIG Apache Server 2.4 Unix Site v2r4 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

AS24-W2-000390 - Only authenticated system administrators or the designated PKI Sponsor for the Apache web server must have access to the Apache web servers private key.DISA STIG Apache Server 2.4 Windows Site v2r1Windows

IDENTIFICATION AND AUTHENTICATION

BIND-9X-001133 - The BIND 9.x server private key corresponding to the ZSK pair must be the only DNSSEC key kept on a name server that supports dynamic updates.DISA BIND 9.x STIG v2r2Unix

IDENTIFICATION AND AUTHENTICATION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Catalina - Set Smartcard Certificate Trust to HighNIST macOS Catalina v1.5.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

DKER-EE-002380 - The certificate chain used by Universal Control Plane (UCP) client bundles must match what is defined in the System Security Plan (SSP) in Docker Enterprise.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002400 - Docker Enterprise Swarm manager must be run in auto-lock mode.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

IDENTIFICATION AND AUTHENTICATION

DKER-EE-002410 - Docker Enterprise secret management commands must be used for managing secrets in a Swarm cluster.DISA STIG Docker Enterprise 2.x Linux/Unix v2r1Unix

IDENTIFICATION AND AUTHENTICATION

JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators - directoryDISA RedHat JBoss EAP 6.3 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

JBOS-AS-000320 - The JBoss server must be configured to restrict access to the web servers private key to authenticated system administrators - keystore fileDISA RedHat JBoss EAP 6.3 STIG v2r3Unix

IDENTIFICATION AND AUTHENTICATION

MADB-10-004100 - MariaDB must enforce authorized access to all PKI private keys stored/used by the DBMS.DISA MariaDB Enterprise 10.x v1r2 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

MD3X-00-000360 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB - PEMKeyFileDISA STIG MongoDB Enterprise Advanced 3.x v2r1 OSUnix

IDENTIFICATION AND AUTHENTICATION

MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB - CAFileDISA STIG MongoDB Enterprise Advanced 4.x v1r2 OSUnix

IDENTIFICATION AND AUTHENTICATION

MD4X-00-003100 - MongoDB must enforce authorized access to all PKI private keys stored/utilized by MongoDB - PEMKeyFileDISA STIG MongoDB Enterprise Advanced 4.x v1r2 OSUnix

IDENTIFICATION AND AUTHENTICATION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r4 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - All ProfilesUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

Monterey - Set Smartcard Certificate Trust to HighNIST macOS Monterey v1.0.0 - 800-53r5 HighUnix

IDENTIFICATION AND AUTHENTICATION, SYSTEM AND COMMUNICATIONS PROTECTION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0DISA Oracle MySQL 8.0 v1r4 OS LinuxUnix

IDENTIFICATION AND AUTHENTICATION

MYS8-00-004800 - The MySQL Database Server 8.0 must enforce authorized access to all PKI private keys stored/utilized by the MySQL Database Server 8.0.DISA Oracle MySQL 8.0 v1r4 DBMySQLDB

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key - SSL_CIPHER_SUITESDISA STIG Oracle 11.2g v2r3 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key - SSL_CLIENT_AUTHENTICATIONDISA STIG Oracle 11.2g v2r3 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O112-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key - SSL_VERSIONDISA STIG Oracle 11.2g v2r3 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 12c v2r8 LinuxUnix

IDENTIFICATION AND AUTHENTICATION

O121-C1-015400 - The DBMS, when using PKI-based authentication, must enforce authorized access to the corresponding private key.DISA STIG Oracle 12c v2r8 WindowsWindows

IDENTIFICATION AND AUTHENTICATION

OL08-00-010100 - OL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Oracle Linux 8 STIG v1r8Unix

IDENTIFICATION AND AUTHENTICATION

PGS9-00-010200 - PostgreSQL must enforce authorized access to all PKI private keys stored/utilized by PostgreSQL.DISA STIG PostgreSQL 9.x on RHEL OS v2r3Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-08-010100 - RHEL 8, for certificate-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 8 STIG v1r13Unix

IDENTIFICATION AND AUTHENTICATION

RHEL-09-611190 - RHEL 9, for PKI-based authentication, must enforce authorized access to the corresponding private key.DISA Red Hat Enterprise Linux 9 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

SQL6-D0-008400 - SQL Server must enforce authorized access to all PKI private keys stored/utilized by SQL Server.DISA STIG SQL Server 2016 Instance OS Audit v2r11Windows

IDENTIFICATION AND AUTHENTICATION

TCAT-AS-000710 - Keystore file must be protected.DISA STIG Apache Tomcat Application Server 9 v2r6 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

VCFL-67-000018 - vSphere Client must ensure appropriate permissions are set on the keystore.DISA STIG VMware vSphere 6.7 Virgo Client v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-67-000025 - VAMI must protect the keystore from unauthorized access.DISA STIG VMware vSphere 6.7 VAMI-lighttpd v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCLD-70-000017 - VAMI must protect the keystore from unauthorized access - MIME that invoke OS shell programs disabled.DISA STIG VMware vSphere 7.0 VAMI v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-67-000014 - VMware Postgres must enforce authorized access to all PKI private keys.DISA STIG VMware vSphere 6.7 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCPG-70-000012 - VMware Postgres must enforce authorized access to all public key infrastructure (PKI) private keys.DISA STIG VMware vSphere 7.0 PostgreSQL v1r2Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-67-000007 - The rhttpproxy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 6.7 RhttpProxy v1r3Unix

IDENTIFICATION AND AUTHENTICATION

VCRP-70-000005 - The Envoy private key file must be protected from unauthorized access.DISA STIG VMware vSphere 7.0 RhttpProxy v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1Unix

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 Windows STIG v1r1Windows

IDENTIFICATION AND AUTHENTICATION

WBSP-AS-001230 - The WebSphere Application Server default keystore passwords must be changed.DISA IBM WebSphere Traditional 9 STIG v1r1 MiddlewareUnix

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000007 - The Windows 2012 DNS Server key file must be owned by the account under which the Windows 2012 DNS Server service is run.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000008 - The Windows 2012 DNS Server permissions must be set so that the key file can only be read or modified by the account that runs the name server software.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

IDENTIFICATION AND AUTHENTICATION

WDNS-IA-000009 - The private key corresponding to the ZSK must only be stored on the name server that does support dynamic updates.DISA Microsoft Windows 2012 Server DNS STIG v2r5Windows

IDENTIFICATION AND AUTHENTICATION

WN19-SO-000350 - Windows Server 2019 users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2019 STIG v2r8Windows

IDENTIFICATION AND AUTHENTICATION

WN22-SO-000350 - Windows Server 2022 users must be required to enter a password to access private keys stored on the computer.DISA Windows Server 2022 STIG v1r4Windows

IDENTIFICATION AND AUTHENTICATION